<?php
session_start();//必须要在任何HTML输出之前启用
/*读取前端数据*/
$username = trim($_POST['username']); //$_POST是PHP中的全局数组
$usernameReg = '/^[a-zA-Z0-9]{3,10}$/';
if(!preg_match($usernameReg,$username)){
    echo '<script>alert("用户名必填！且只能由大小写、数字构成，长度3-10个字符！");history.back();</script>';
    exit;
}
$pw = trim($_POST['pw']);
$pwReg = "/^[a-zA-Z0-9_*]{6,10}$/";
if(!preg_match($pwReg,$pw)){
    echo '<script>alert("密码必填！且只能由大小写、数字、_、*构成，长度6-10个字符！");history.back();</script>';
    exit;
}
$pw = md5($pw);
include 'conn.php';
$sql = "select * from userinfo where username = '$username' and pw = '$pw'";
$result = mysqli_query($conn,$sql);
//判断记录集中是否有记录
if(mysqli_num_rows($result)){ //PHP中非零非空即为真
    echo '<script>alert("登录成功！");location.href="index.php";</script>';
    //添加登录成功的标志位
    $_SESSION['loggedUsername'] = $username;
}
else{
    echo '<script>alert("用户名或密码错误！");history.back();</script>';
    session_destroy();
}